deploying project through tomcat manager safe?

I have just started using the tomcat manager and thought it was pretty neat but...I can't find my files anywhere. I run Ubuntu 11.10 and because I have installed tomcat 6 through apt package manager that my CATALINA_HOME is located at /usr/share/tomcat6 and CATALINA_BASE located at /var/lib/tomcat6...honestly no big deal, I'm used to this but now that I'm deploying apps through the deployment feature of tomcats manager I don't see my files in any of these locations because an xml file apparently points tomcat to my project folder. Question is..Is it secure to let the xml file point tomcat to my home/workspace/project directory? Thanks for the input!

"Safe" is a relative term. You wouldn't have a projects directory on a production server, so that's not an issue, and a development machine inherently "unsafe" in the hands of authorized users.

You seem to be mixing 2 different issues, though. One of which is that you're apparently using the Tomcat Manager to deploy and the other of which is that your deployed webapp is located in an external directory.

Which actually doesn't make sense, since the Tomcat Manager can't do that. When you deploy using Tomcat Manager, it uploads a copy of your WAR into Tomcat's internal storage. It has to, since otherwise the Tomcat Manager couldn't deploy WARs that initially resided on a separate machine.

On the other hand, I myself run test webapps directly from my project directory, but I don't use the Tomcat Manager to deploy them, I just install a Context in Tomcat that tells it that the WAR is located in my project directory. As for "safe", it's as safe as the working copy of the project itself is.

Customer surveys are for companies who didn't pay proper attention to begin with.